Information Technology Reference
In-Depth Information
Biometric Identity Trust: Toward Secure
Biometric Enrollment in Web Environments
Florian Obergrusberger, Baris Baloglu, Johannes Sänger, and Christian Senk
University of Regensburg
Department of Management Information Systems
93053 Regensburg, Germany
Abstract. The nonrepudiation of a biometric authentication depends
on the authenticity of the corresponding biometric profile. If the enroll-
ment process is not controlled by some trusted entity, a user's biometric
data might be misleadingly linked to another person's digital identity.
To secure the biometric enrollment in open Web-based environments, we
propose the biometric observer principle: An arbitrary trustworthy per-
son observes an individual's enrollment at a biometric identity provider
and confirms this to the system. The concept rests on a specified trust
model, which assesses the trustworthiness of both the observer and the
authenticity of an observed biometric profile. Trust relations between ob-
server and observed persons are managed by the authentication system.
We implemented a cloud-based biometric identity provider to validate
and demonstrate the proposed concept.
Keywords: Authentication, Biometrics, Identity Management, Trust.
1
Introduction
Effective access control to cloud resources requires a high quality of user authen-
tication [18]. A possible way to achieve strong authentication in a very flexible
way is the employment of cloud-based biometric authentication services [20].
Before a biometric authentication is possible, an enrollment process has to be
passed in order to register a biometric template with the biometric system [9,15].
Therefore it might be necessary to secure the enrollment by restricting access to
legitimate persons only. Additionally, this persons have to accomplish the pro-
cess correctly. To achieve such a secure enrollment, we propose the biometric
oberver principle which applies basic ideas from the Web of Trust concept.
The remainder of this paper is structured as follows: Section 2 defines biomet-
rics and secure biometric enrollment. Section 3 refers to the relevant basics of
trust and trust models. In Section 4, the conceptual basics for the convergence
of trust models with a secure enrollment and a prototype implementation are
provided. Section 5 discusses the presented approach and Section 6 summarizes
the results and directs future research.
